diff options
author | slush <slush@centrum.cz> | 2015-01-23 16:47:41 +0100 |
---|---|---|
committer | bitcoindev <bitcoindev@gnusha.org> | 2015-01-23 15:48:24 +0000 |
commit | 54080525effc280b2dac265a582890566a2aee20 (patch) | |
tree | 90e912cd69c0362f6b383779ce8591b31fb41b17 | |
parent | c6e1be5e968d6f50d342d0d3841016574894d803 (diff) | |
download | pi-bitcoindev-54080525effc280b2dac265a582890566a2aee20.tar.gz pi-bitcoindev-54080525effc280b2dac265a582890566a2aee20.zip |
Re: [Bitcoin-development] SIGHASH_WITHINPUTVALUE
-rw-r--r-- | 90/1fbe2a17c8847875e5c99ee20f1e143c5cc4c0 | 186 |
1 files changed, 186 insertions, 0 deletions
diff --git a/90/1fbe2a17c8847875e5c99ee20f1e143c5cc4c0 b/90/1fbe2a17c8847875e5c99ee20f1e143c5cc4c0 new file mode 100644 index 000000000..d15ade274 --- /dev/null +++ b/90/1fbe2a17c8847875e5c99ee20f1e143c5cc4c0 @@ -0,0 +1,186 @@ +Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] + helo=mx.sourceforge.net) + by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) + (envelope-from <marek@palatinus.cz>) id 1YEgTA-000664-Qb + for bitcoin-development@lists.sourceforge.net; + Fri, 23 Jan 2015 15:48:24 +0000 +X-ACL-Warn: +Received: from mail-ie0-f173.google.com ([209.85.223.173]) + by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) + (Exim 4.76) id 1YEgT9-0004wb-4D + for bitcoin-development@lists.sourceforge.net; + Fri, 23 Jan 2015 15:48:24 +0000 +Received: by mail-ie0-f173.google.com with SMTP id tr6so7766406ieb.4 + for <bitcoin-development@lists.sourceforge.net>; + Fri, 23 Jan 2015 07:48:17 -0800 (PST) +X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=1e100.net; s=20130820; + h=x-gm-message-state:mime-version:sender:in-reply-to:references:from + :date:message-id:subject:to:cc:content-type; + bh=84ca8hDB6SNcEMd8XaF/vXIFWc/6giODC3iDZ7NVB+s=; + b=D2Cn2MkV4+cDzWdLQMCgOqGOpEvE9KwBdp68BfjN9QTw2TU9PhNZgHfYJkzPbp0zme + r9PxKVg4PNt9oYlZy/BVK1h6trzWDLCecuWvYCBGAT3RY1RaaPYSmlAquhePYBhKvdUh + jbU4LEOAZKY4ThI5ivXFSubt5DtZkGDV1QeHHuf51lRNYIeWjv2o/VCt5xc4wtuPMJHS + jQ3pJGD+tSKjKr516O9Fs0IYbrEPEJT1a4AcguZ+u7vWdT7Pd6I9Gg1D4ZdilMPKxfiM + KjGAtorQFiTR8bnpKPWINtqU4Xe8DbufgOxSh3KKGaeJhwtp9WKonJAxa+F5yBwQAJf4 + bF6w== +X-Gm-Message-State: ALoCoQkxeAaNe3opJ49rco20rRVVVcN6kOhcDJbGRTL6ROLpUe3Onzld341L08uR5WxeIroKB9hO +X-Received: by 10.50.82.68 with SMTP id g4mr2569999igy.26.1422028091412; Fri, + 23 Jan 2015 07:48:11 -0800 (PST) +MIME-Version: 1.0 +Sender: marek@palatinus.cz +Received: by 10.64.31.138 with HTTP; Fri, 23 Jan 2015 07:47:41 -0800 (PST) +In-Reply-To: <54C26BFE.1080103@gmail.com> +References: <CAJna-HjwMRff_+7BvcR2YME9f2yUQPvfKOGZ1qq9d0nOGqORkg@mail.gmail.com> + <78662993-6C67-4480-8062-55CC9FA63908@bitsofproof.com> + <54C26BFE.1080103@gmail.com> +From: slush <slush@centrum.cz> +Date: Fri, 23 Jan 2015 16:47:41 +0100 +X-Google-Sender-Auth: bi1ZC76a1JwttLLmNe1z87rVbn0 +Message-ID: <CAJna-HiXxt5E=FBiDuWMCKrK4C0dcvhHEjTAoK3LGQLafJOqtQ@mail.gmail.com> +To: Alan Reiner <etotheipi@gmail.com> +Content-Type: multipart/alternative; boundary=047d7bf18db0400f4a050d53b717 +X-Spam-Score: 2.0 (++) +X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. + See http://spamassassin.org/tag/ for more details. + 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider + (slush[at]centrum.cz) + 1.0 HTML_MESSAGE BODY: HTML included in message + 1.0 AWL AWL: Adjusted score from AWL reputation of From: address +X-Headers-End: 1YEgT9-0004wb-4D +Cc: "bitcoin-development@lists.sourceforge.net" + <bitcoin-development@lists.sourceforge.net> +Subject: Re: [Bitcoin-development] SIGHASH_WITHINPUTVALUE +X-BeenThere: bitcoin-development@lists.sourceforge.net +X-Mailman-Version: 2.1.9 +Precedence: list +List-Id: <bitcoin-development.lists.sourceforge.net> +List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, + <mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe> +List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development> +List-Post: <mailto:bitcoin-development@lists.sourceforge.net> +List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help> +List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, + <mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe> +X-List-Received-Date: Fri, 23 Jan 2015 15:48:24 -0000 + +--047d7bf18db0400f4a050d53b717 +Content-Type: text/plain; charset=ISO-8859-1 + +Correct, plus the most likely scenario in such attack is that the malware +even don't push such tx with excessive fees to the network, but send it +directly to attacker's pool/miner. + +M. + +On Fri, Jan 23, 2015 at 4:42 PM, Alan Reiner <etotheipi@gmail.com> wrote: + +> Unfortunately, one major attack vector is someone isolating your node, +> getting you to sign away your whole wallet to fee, and then selling it to a +> mining pool to mine it before you can figure why your transactions aren't +> making it to the network. In such an attack, the relay rules aren't +> relevant, and if the attacker can DoS you for 24 hours, it doesn't take a +> ton of mining power to make the attack extremely likely to succeed. +> +> +> +> +> On 01/23/2015 10:31 AM, Tamas Blummer wrote: +> +> Not a fix, but would reduce the financial risk, if nodes were not relaying +> excessive fee transactions. +> +> Tamas Blummer +> +> +> +> +> +> ------------------------------------------------------------------------------ +> New Year. New Location. New Benefits. New Data Center in Ashburn, VA. +> GigeNET is offering a free month of service with a new server in Ashburn. +> Choose from 2 high performing configs, both with 100TB of bandwidth. +> Higher redundancy.Lower latency.Increased capacity.Completely compliant. +> http://p.sf.net/sfu/gigenet +> _______________________________________________ +> Bitcoin-development mailing list +> Bitcoin-development@lists.sourceforge.net +> https://lists.sourceforge.net/lists/listinfo/bitcoin-development +> +> + +--047d7bf18db0400f4a050d53b717 +Content-Type: text/html; charset=ISO-8859-1 +Content-Transfer-Encoding: quoted-printable + +<div dir=3D"ltr">Correct, plus the most likely scenario in such attack is t= +hat the malware even don't push such tx with excessive fees to the netw= +ork, but send it directly to attacker's pool/miner.<div><br></div><div>= +M.</div></div><div class=3D"gmail_extra"><br><div class=3D"gmail_quote">On = +Fri, Jan 23, 2015 at 4:42 PM, Alan Reiner <span dir=3D"ltr"><<a href=3D"= +mailto:etotheipi@gmail.com" target=3D"_blank">etotheipi@gmail.com</a>></= +span> wrote:<br><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8e= +x;border-left:1px #ccc solid;padding-left:1ex"> + =20 + =20 + =20 + <div bgcolor=3D"#FFFFFF" text=3D"#000000"> + Unfortunately, one major attack vector is someone isolating your + node, getting you to sign away your whole wallet to fee, and then + selling it to a mining pool to mine it before you can figure why + your transactions aren't making it to the network.=A0 In such an + attack, the relay rules aren't relevant, and if the attacker can Do= +S + you for 24 hours, it doesn't take a ton of mining power to make the + attack extremely likely to succeed.<span class=3D""><br> + <br> + <br> + <br> + <br> + <div>On 01/23/2015 10:31 AM, Tamas Blummer + wrote:<br> + </div> + <blockquote type=3D"cite"> + =20 + <div>Not a fix, but would reduce the financial risk, if nodes were + not relaying excessive fee transactions.</div> + <div><br> + </div> + <div> + <div style=3D"color:rgb(0,0,0);font-family:Helvetica;font-size:12px= +;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:no= +rmal;line-height:normal;text-align:start;text-indent:0px;text-transform:non= +e;white-space:normal;word-spacing:0px">Tamas + Blummer</div> + <div style=3D"color:rgb(0,0,0);font-family:Helvetica;font-size:12px= +;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:no= +rmal;line-height:normal;text-align:start;text-indent:0px;text-transform:non= +e;white-space:normal;word-spacing:0px"><br> + </div> + </div> + <br> + </blockquote> + <br> + </span></div> + +<br>-----------------------------------------------------------------------= +-------<br> +New Year. New Location. New Benefits. New Data Center in Ashburn, VA.<br> +GigeNET is offering a free month of service with a new server in Ashburn.<b= +r> +Choose from 2 high performing configs, both with 100TB of bandwidth.<br> +Higher redundancy.Lower latency.Increased capacity.Completely compliant.<br= +> +<a href=3D"http://p.sf.net/sfu/gigenet" target=3D"_blank">http://p.sf.net/s= +fu/gigenet</a><br>_______________________________________________<br> +Bitcoin-development mailing list<br> +<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo= +pment@lists.sourceforge.net</a><br> +<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development= +" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de= +velopment</a><br> +<br></blockquote></div><br></div> + +--047d7bf18db0400f4a050d53b717-- + + |